noanonymous Don't use mechanisms that permit anonymous authentication.
noplaintext Don't use mechanisms that transmit unencrypted username and password information.
nodictionary Don't use mechanisms that are vulnerable to dictionary attacks.
forward_secrecy Require forward secrecy between sessions (breaking one session does not break earlier sessions).
mutual_auth Use only mechanisms that authenticate both the client and the server to each other.